Presentation is loading. Please wait.

Presentation is loading. Please wait.

MIS 5212.001 Week 12 Site:

Similar presentations


Presentation on theme: "MIS 5212.001 Week 12 Site:"— Presentation transcript:

1 MIS Week 12 Site:

2  In the news  Presentation (1)  WEP  Revisit Kismet  Introduction to Aircrack  Attacking WEP  WPA-PSK  Next Week 2MIS

3  Submitted  youtube-video.html youtube-video.html  stingray-spy-tool-46-times-without-warrant/ stingray-spy-tool-46-times-without-warrant/  breaches-and-compromises-to-rock-2015-(so- far)/d/d-id/ breaches-and-compromises-to-rock-2015-(so- far)/d/d-id/  cyber-attack-israel.html cyber-attack-israel.html MIS

4  Submitted MIS

5  What I noted  crimeware-emv-replay-attacks/ crimeware-emv-replay-attacks/  _crypto_encryption_snafu_pull/ _crypto_encryption_snafu_pull/  pular_crypto_app_uses_xor_and_nothing_else_hack er_says/ pular_crypto_app_uses_xor_and_nothing_else_hack er_says/  certificate-expire certificate-expire  https://securityledger.com/2015/04/research-iot- hubs-expose-connected-homes-to-hackers/ https://securityledger.com/2015/04/research-iot- hubs-expose-connected-homes-to-hackers/ MIS

6 6

7  Basic encryption for wireless networks  Specified in IEEE  Required a minimum 40-bit key, usually set at 104-bit  Uses RC-4 encryption  Applied only to data frames (Payload)  Still widely used, especially on older gear MIS

8  Described as 64 or 128 bit  Reality is 40 or 104  The pre-shared key (Not the same as WPA- PSK) is either 5 or 13 bytes  Initialization vector is transmitted with each packet  IV and key are concatenated to create a per packet key  IV is not a secret!  Four possible keys, index 0-3 MIS

9  One bit field in the frame control field  Called by a number of different names  WEP bit  Privacy bit  Secure bit  With this bit set, the receiving station expects to see a four byte WEP header immediately following the header  Also expects to see a four byte trailer immediately following the payload or data portion MIS

10  The four byte header is also the initialization vector or IV along with the index number to designate which WEP key was used  Again, this was used with the WEP key to encrypt the data packet  The four byte trailer is the Integrity Check Value or ICV  This function similar to a CRC check to protect against packet modification MIS

11  Stream cypher  One byte at a time  100 bytes of plaintext = 100 bytes of cypher text + eight bytes of WEP overhead  Requires a unique key (No re-use)  Recall: concatenated from IV and shared secret  Uses a pseudo randomization function referred to as PRGA (Pseudo-random generation algorithm )  PRGA is XOR’d with the plaintext  Recall article on XOR from in the news MIS

12  Poor  Key selection  Message integrity check  Initialization Vector (too short)  No replay protection  Challenge response reveals PRGA  Key is reversible from cypher test (XOR) MIS

13  Restricted to 5 or 13 character pre-shared key  Reduced key efficiency to 2 24  Users often use dictionary words MIS

14  Weak IV selection leads to key recovery  Known plaintext reveals key information  First two bytes of WEP payload are mandated by header spec (0xAA 0xAA)  Once you have enough weak IVs, you can recover the key  We will look at the Aircrack-ng tool for this MIS

15  Pre-installed in Kali  Similar issue to Kismet, will need to launch from terminal, not from drop down  Aircrack-ng site has detailed information on installation, building from source, and use  MIS

16  Need to connect wireless card to Kali  Need to verify using iwconfig command  Then launch Kismet for a little recon  This will also force the wireless card in to monitor mode  Since StarDrive is my AP we’ll focus on it MIS

17  Double clicking on name gives me detail screen  Note  MAC Address  WEP bit  “Network” menu has option to close window and return to summary MIS

18 MIS

19  We found the AP we want to attack  Know Name (SSID), MAC Address (BSSID), WEP  This also had the affect of forcing wlan0 into monitor mode MIS

20  Lots of extras at:  ng.org/doku.php?id=simple_wep_crack&Dok uWiki=6a160c439893f7cfb1e861fe023a1e9d ng.org/doku.php?id=simple_wep_crack&Dok uWiki=6a160c439893f7cfb1e861fe023a1e9d  We’ll run through a few MIS

21  Created ARP traffic to get data faster  You do need access to wired network, so limited applicability in the wild  Used command: MIS

22  Running command:  This will create log file capture*.cap for further analysis MIS

23  Once enough data has been collected, run  aircrack-ng output*.cap  If you don’t have enough data you will see MIS

24  Eventually, with enough IVs you can get to this: MIS

25  Recall, WPA introduced TKIP  WPA2 introduced CCMP and kept TKIP  Both work with both personal and enterprise  Personal – PSK, Enterprise 802.1x  WPA and WPA2 very similar for PSK MIS

26  PSK – Pre-Shared Key  KEK – Key Encryption Key  PMK – Pairwise Master Key – Comes from PSK or EAP method  PTK – Pairwise Temporal Key  Two MIC keys (RX and TX  EAPOL Key Encryption Key  EAPOL Key Confirmation Key MIS

27  PMK is 256 bits in length  PMK is derived using passphrase, ssid, and ssid length information  Hashed 4096 times using HMAC-SHA1  This means process cannot be reversed to extract passphrase MIS

28  Combines MAC of STA and AP with STA and AP nonces  Update nonces generate fresh keys  Uses PMK as additional input (Re: Key) along with the phrase “Pairwise Key Expansion” and combines with above and hashed w/ SHA1 to generate a PTK Note: Nonce is a random value generated by both STA and AP MIS

29  PTK is 384/512 bits in length  First 16 bytes – HMAC MIC key  Next 16 – EAPOL-Key KEK  Next 16 – Temporal Encryption Key  Next 8 – TX TKIP Michael (MIC) Key  Next 8 – RX TKIP Michael (MIC) Key MIS

30 Step 1ANonce, start new PTK negotion SNonce, MIC of Frame 2Step 2 Step 3MIC of frame 3 MIC of frame 4, ready to TX/RX Step 4 MIS

31 MIS  Example  First four lines are 4-Way Handshake  Source has capture file if you want to look for yourself Source:

32  AP beacon frames identify capability information  Cypher suite support  Auth key management  Wireshark can filter traffic, then manual inspection can identify MIS

33  Example of beacon frame in wireshark  wireless/cracking-wpawpa2-con-reaver/ wireless/cracking-wpawpa2-con-reaver/ MIS

34  In the news  More wireless  John the Ripper  Attacking WPA-PSK  Final thoughts MIS

35 ? MIS


Download ppt "MIS 5212.001 Week 12 Site:"

Similar presentations


Ads by Google